home

qTestExplorer.exe

qTest eXplorer Integrated

QASymphony, LLC.

This is a setup and installation application. The file has been seen being downloaded from qtest-explorer-integrated.software.informer.com and multiple other hosts.
Publisher:
QASymphony  (signed by QASymphony, LLC.)

Product:
qTest eXplorer Integrated

Description:
qTest eXplorer Integrated Setup

Version:
1.0.0.1

MD5:
938d7bf20fa8bbf1aec5f3a34990f835

SHA-1:
56c5b2913df90edc376b3258d844a1a4d8d5f883

SHA-256:
d46b51b0e4c68558880f65f4ce85b0c7dae5c66fd08ebf9c52c51c97e5f7fd3e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/6/2024 8:55:20 PM UTC  (today)

File size:
17.5 MB (18,314,456 bytes)

Product version:
5.0.3.38

Copyright:
Copyright (C) QASymphony 2015

Original file name:
qTestExplorer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\qtestexplorer.exe

Digital Signature
Signed by:
QASymphony, LLC.

Authority:
GlobalSign nv-sa

Valid from:
11/19/2014 11:13:27 PM

Valid to:
1/27/2016 5:27:10 AM

Subject:
E=info@qasymphony.com, CN="QASymphony, LLC.", OU=Information & Technology, O="QASymphony, LLC.", L=Atlanta, S=GA, C=US

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112131A25E6F544C4C56501F7D1C7674ED32

File PE Metadata
Compilation timestamp:
9/25/2015 3:22:10 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
393216:iciPT50S8YIEqoWkNkhLNoXbmBcAiFf1OhBtd7Zch4dYDH:tS8bPkmh5oohhZfqz

Entry address:
0x2ABB

Entry point:
E8, DB, 04, 00, 00, E9, 80, FE, FF, FF, 55, 8B, EC, 6A, 00, FF, 15, C0, 30, 41, 00, FF, 75, 08, FF, 15, BC, 30, 41, 00, 68, 09, 04, 00, C0, FF, 15, C4, 30, 41, 00, 50, FF, 15, C8, 30, 41, 00, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, ED, F2, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 40, BA, 41, 00, 89, 0D, 3C, BA, 41, 00, 89, 15, 38, BA, 41, 00, 89, 1D, 34, BA, 41, 00, 89, 35, 30, BA, 41, 00, 89, 3D, 2C, BA, 41, 00, 66, 8C, 15, 58, BA, 41, 00, 66, 8C, 0D, 4C, BA, 41, 00, 66, 8C, 1D, 28...
 
[+]

Entropy:
7.8909  (probably packed)

Code size:
71 KB (72,704 bytes)

The file qTestExplorer.exe has been seen being distributed by the following 2 URLs.

http://qtest-explorer-integrated.software.informer.com/.../

https://qasymphony.com/downloads/.../

Scan qTestExplorer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.